Update documentation since vulnerable packages are not moved

to the vulnerable/ directory any longer.

3 files changed, 14 insertions, 23 deletions

diff --git a/doc/guide/files/bulk.xml b/doc/guide/files/bulk.xml
index e3382d20b5e..0be15cfe639 100644
--- a/doc/guide/files/bulk.xml
+++ b/doc/guide/files/bulk.xml
@@ -1,4 +1,4 @@
-<!-- $NetBSD: bulk.xml,v 1.7 2009/10/11 20:50:48 rillig Exp $ -->
+<!-- $NetBSD: bulk.xml,v 1.8 2010/03/18 10:56:18 wiz Exp $ -->
 
 <chapter id="bulk">
 <title>Creating binary packages for everything in pkgsrc (bulk
@@ -157,13 +157,12 @@ SKIP_LICENSE_CHECK=    yes
 	<itemizedlist>
 
 	  <listitem><para><varname>ALLOW_VULNERABLE_PACKAGES</varname>
-	  should be set to <literal>yes</literal>. The purpose of the bulk
-	  builds is creating binary packages, no matter if they are
-	  vulnerable or not. When uploading the packages to a public
-	  server, the vulnerable packages will be put into a directory of
-	  their own. Leaving this variable unset would prevent the bulk
-	  build system from even trying to build them, so possible
-	  building errors would not show up.</para></listitem>
+	  should be set to <literal>yes</literal>. The purpose of the
+	  bulk builds is creating binary packages, no matter if they
+	  are vulnerable or not. Leaving this variable unset would
+	  prevent the bulk build system from even trying to build
+	  them, so possible building errors would not show
+	  up.</para></listitem>
 
 	  <listitem><para><varname>CHECK_FILES</varname>
 	  (<filename>pkgsrc/mk/check/check-files.mk</filename>) can be set to
@@ -585,8 +584,7 @@ chroot-&rprompt; <userinput>exit</userinput>
       <para>The upload process may take quite some time. Use &man.ls.1; or
       &man.du.1; on the FTP server to monitor progress of the
       upload. The upload script will take care of not uploading
-      restricted packages and putting vulnerable packages into the
-      <filename>vulnerable</filename> subdirectory.</para>
+      restricted packages.</para>
 
       <para>After the upload has ended, first thing is to revoke ssh access:</para>
 
diff --git a/doc/guide/files/faq.xml b/doc/guide/files/faq.xml
index 05ca922fa70..a3fac3080a0 100644
--- a/doc/guide/files/faq.xml
+++ b/doc/guide/files/faq.xml
@@ -1,4 +1,4 @@
-<!-- $NetBSD: faq.xml,v 1.45 2009/04/20 17:07:13 ver Exp $ -->
+<!-- $NetBSD: faq.xml,v 1.46 2010/03/18 10:56:18 wiz Exp $ -->
 
 <chapter id="faq"> <?dbhtml filename="faq.html"?>
 <title>Frequently Asked Questions</title>
@@ -528,7 +528,7 @@ do this, refer to the following two tools (installed as part of the
 
   <listitem>
     <para><command>pkg_admin audit</command>, an easy way to audit the
-    current machine, checking each vulnerability which is known.  If a
+    current machine, checking each known vulnerability.  If a
     vulnerable package is installed, it will be shown by output to stdout,
     including a description of the type of vulnerability, and a URL
     containing more information.</para>
diff --git a/doc/guide/files/using.xml b/doc/guide/files/using.xml
index a783d1c6402..0f589ce28af 100644
--- a/doc/guide/files/using.xml
+++ b/doc/guide/files/using.xml
@@ -1,4 +1,4 @@
-<!-- $NetBSD: using.xml,v 1.37 2009/08/25 13:19:50 wiz Exp $ -->
+<!-- $NetBSD: using.xml,v 1.38 2010/03/18 10:56:18 wiz Exp $ -->
 
 <chapter id="using"> <?dbhtml filename="using.html"?>
 <title>Using pkgsrc</title>
@@ -60,9 +60,7 @@ and you can still use binary packages from someone else.</para>
     subdirectory called <filename>All</filename>, which contains all the
     binary packages that are available for the platform, excluding those
     that may not be distributed via FTP or CDROM (depending on which
-    medium you are using), and the ones that have vulnerabilities and
-    therefore are considered insecure to install without thinking
-    before.</para>
+    medium you are using).</para>
 
     <para>To install packages directly from an FTP or HTTP server, run
     the following commands in a Bourne-compatible shell (be sure to
@@ -93,13 +91,8 @@ and you can still use binary packages from someone else.</para>
     package in question will be installed, too, assuming they are
     present where you install from.</para>
 
-    <para>As mentioned above, packages for which vulnerabilities get
-    known are not stored in the <filename>All</filename> subdirectory.
-    They don't get deleted since that could be very frustrating if many
-    other packages depend on it. Instead, they are moved to the
-    <filename>vulnerable</filename> subdirectory. So you may need to add
-    this directory to the <varname>PKG_PATH</varname> variable. 
-    However, you should run <command>pkg_admin audit</command>
+    <para>Adding packages might install vulnerable packages.
+    Thus you should run <command>pkg_admin audit</command>
     regularly, especially after installing new packages, and verify
     that the vulnerabilities are acceptable for your configuration.</para>